Are There Any Sample LDIF To CREATE And DELETE ACIDs?

Document ID : KB000054837
Last Modified Date : 14/02/2018
Show Technical Document Details

Description:

Are there any examples to create and delete ACIDs using the ldapmodify command with an LDIF?

Solution:

Sample LDIF to create ACIDs

  1. Create acid 'TESTID1' and add PROFILE 'PROFILE1' to it.

    dn:tssacid=testid1,tssadmingrp=acids,host=xxxx,o=yyy,c=zz
    changetype: add
    Name:testid number 1
    Department:testdept
    userPassword:testpas1
    userPassword-Expire:Y

    dn:tssproflist=profile1,tssacidgrp=proflist,tssacid=testid1,tssadmingrp=acids,host=xxxx,o=yyy,c=zz
    changetype: add
    Profile-First:profile1


  2. Create acid 'TESTID2' and add PROFILE 'PROFILE2' to it.

    dn:tssacid=testid2,tssadmingrp=acids,host=xxxx,o=yyy,c=zz
    changetype: add
    Name:testid number 2
    Department:testdept
    userPassword:testpas2
    userPassword-Expire:Y

    dn:tssproflist=profile2,tssacidgrp=proflist,tssacid=testid2,tssadmingrp=acids,host=xxxx,o=yyy,c=zz
    changetype: add
    Profile-First:profile2

The equivalent commands under CA Top Secret are:

TSS CRE(TESTID1) NAME('TESTID NUMBER 1') DEPT(TESTDEPT) -
PASS(TESTPAS1,,EXP) PROF(PROFILE1)
TSS CRE(TESTID2) NAME('TESTID NUMBER 2') DEPT(TESTDEPT) -
PASS(TESTPAS2,,EXP) PROF(PROFILE2)


Note1:
CA LDAP Server provides UFNs(User Friendly Names) for each ACID field on the CA Top Secret database.

Example:
'userPassword' is the UFN for the PASSWORD in the CA Top Secret database.

The list for UFNs can be found in the Chapter 4 'CA TSS_RA Backend' in CA LDAP for CA Top Secret Administrator Guide.

Note2:
The acid must be created first before adding the PROFILE to it.

A single ldapmodify commands can be used to create the acid and then add the PROFILE to the acid.

A separate DN is needed to create the acid and then add the PROFILE to the acid.

Sample LDIF to delete ACIDs

  • DELETE acids TESTID1 and TESTID2:

    dn:tssacid=testid1,tssadmingrp=acids,host=xxxx,o=yyy,c=zz
    changetype: delete

    dn:tssacid=testid2,tssadmingrp=acids,host=xxxx,o=yyy,c=zz
    changetype: delete


    The equivalent commands under CA Top Secret are:

    TSS DEL(TESTID1)
    TSS DEL(TESTID2)